1

I'm trying to make a simple message board MySQL database where you can write a review and submit it via an HTML form on one page and view all of the reviews on a separate page once you've submitted your review.

My problem is two of the fields from the HTML form are not being inserted into my MySQL database which results in my view all reviews page to be missing the Name and Title.

Link to what the "Read all Reviews" page looks like.

The code works without any issue when I tested it doing MySQL queries with just PHP but I need my HTML form to work.

HTML form:

<form action ="process.php" method = "post">
            <fieldset>
                <legend>Review Field</legend>
                Reviewer Name: <br />
                <input type="text" name "name" id = "name"><br />
                Title of Review:<br />
                <input type="text" name "title" id = "title"><br />
                Enter your review below:
                 <!--Textbox start-->   
                 <textarea name="body" id = "body" rows="10" cols="100">
                 </textarea>
                  <!--Textbox end-->    
                <br />
                <input type="submit" name = "submit" id="submit">
                <br />
            </fieldset>
            </form>

Code for process.php:

<?php // Create a database connection.
$dbhost = "localhost";
$dbuser = "root";
$dbpass = "password";
$dbname = "ya_reviews";
$connection = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname);

//Test if connection occurred.
if (mysqli_connect_errno()) {
die("Database connection failed: " .
mysqli_connect_error() .
" (" . mysqli_connect_errno() . ")"
);
}

//Perform database query
$name = $_POST['name'];
$title = $_POST['title'];
$body = $_POST['body'];

//This function will clean the data and add slashes.
// Since I'm using the newer MySQL v. 5.7.14 I have to addslashes
$name = mysqli_real_escape_string($connection, $name);
$title = mysqli_real_escape_string($connection, $title);
$body = mysqli_real_escape_string($connection, $body);

//This should retrive HTML form data and insert into database
$query  = "INSERT INTO reviews (name, title, body) 
            VALUES ('".$_POST["name"]."','".$_POST["title"]."','".$_POST["body"]."')";

        $result = mysqli_query($connection, $query);
        //Test if there was a query error
        if ($result) {
            //SUCCESS
        header('Location: activity.php');
        } else {
            //FAILURE
            die("Database query failed. " . mysqli_error($connection)); 
            //last bit is for me, delete when done
        }

mysqli_close($connection);
?>

View all Reviews:

<?php

        //This will fetch the data from the database 
        $query = "SELECT * FROM reviews";
        $result = mysqli_query($connection, $query);
        //Test if there was a query error
        if (!$result) {
            die("Database query failed.");
        }

        // This will let me display the data.
        // The loop will be spilt so I can format with HTML
        while ($row = mysqli_fetch_assoc($result)) {
            //output data from each row
        ?>

        Name: <?php echo $row["name"] . "<br />"; ?>
        Title: <?php echo $row["title"] . "<br />"; ?>
        Review: <?php echo $row["body"] . "<br />";
            echo "<hr>"; ?>
        <?php
        } ?>

Note: I connected to the database with the same code seen in process.php before the above code, I excluded it to save space.

Improve this question
1
  • Please use prepared statements with mysqli- and don't forget to change your password Commented Dec 30, 2016 at 9:46

4 Answers 4

Reset to default
5

Your HTML attribute syntax is incorrect. Its missing = sign between attribute and value.

Change name "name" to name="name" and name "title" to name="title"

<input type="text" name="name" id = "name"><br />
            Title of Review:<br />
<input type="text" name="title" id = "title"><br />

Also during insert you aren't using escaped values.

Use $name instead of $_POST["name"] in insert query. Same goes for title and body values.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thank you so much! ^^ Syntax errors and mixing up my variables seem to be my mortal enemy. ><
2

The problem is that the name attribute is not correct in HTML.

<input type="text" name="name" id = "name"><br />

<input type="text" name="title" id = "title"><br />
Improve this answer

Comments

0

I think you messed up with syntax of HTML

<form action ="process.php" method = "post">
            <fieldset>
                <legend>Review Field</legend>
                Reviewer Name: <br />
                <input type="text" name="name" id = "name"><br />
                Title of Review:<br />
                <input type="text" name="title" id = "title"><br />
                Enter your review below:
                 <!--Textbox start-->   
                 <textarea name="body" id = "body" rows="10" cols="100">
                 </textarea>
                  <!--Textbox end-->    
                <br />
                <input type="submit" name = "submit" id="submit">
                <br />
            </fieldset>
            </form>

It will work surely!

Improve this answer

Comments

0

Yo, you're just missing some syntax, therefore creating errors when it comes to gathering the data from those elements,

<input type="text" name "title" id = "title">

You're missing the "=" sign from the name parameter

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.